Is non-compliance the way forward? 155



  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • This post is deleted!


  • I understand your frustration: but quite simply… it’s the law.
    SOX isn’t an optional extra. It isn’t a ‘nice to have’. It’s legislation, with specific requirements and deadlines. If you refuse to comply, you are breaking this law, and are subject to the consequences that follow. Do you want to take that risk?



  • Interesting thought. I believe that the law requires management to document their understanding of processes and make an assertion as to the effectiveness of internal controls. Are you still in compliance with the law if your assertion is that they are not effective or if you do not have enough evidence to make that assertion?
    I think that Wall Street will be the deciding factor and that it will ultimately be that this is a permanent change in how we do business. It would take all companies listed on a major exchange to rebel against the requirements for anything to happen. If only a few rebel, then they will likely be punished in the marketplace as their stock plummets (who will want to invest in a company who cannot or will not guarantee that they have adequate internal controls in place?).
    What I do think will change is that the public accounting firms will ease up a bit on the level of documentation that they think companies need in order to get happy with the effectiveness of controls. I think that your auditor is trying to be conservative as to fee increases. While we will see increases in fees, I don’t expect them to be as large as you have indicated.



  • Non compliance is a good indicator that your controls are weak, but it only indicates the potential for fraud not the actual behavior. I think that the shareholders will place a significant portion of their confidence in this process even though we all know if there is something to hide you can always hide it for some duration. Shareholders are looking for assurance, and they have really lost the ability to receive that assurance from the previous means of auditing, so the SEC stepped it up a notch. I do firmly believe this will have a grave impact on the stock market for companies who choose or fail compliance, but it has yet to be decided what will constitute an adverse opinion. You may have deficiencies, but they may not constitute a material weakness therefore not giving your company and adverse opinion from the externals. While I realize that the overall cost of SOX has been substantial for most companies, you are failing to realize the benefits this process can provide for you. You have now established a great COSO foundation, expand upon it to assist in creating a more effective and efficient company by beginning the ERM process.



  • Thanks for your comments everyone.
    I would take issue with the comment that non-compliance means that you have weak controls. In all the man-weeks that we have spent on this project we have not altered one control materially. The controls were all there, they were just not docujented in a way that would satisfy our auditors.
    Speaking of auditors, we have had our first bill for theit preliminary SOX audit. It would seem that our audit costs will not double this year, they will triple. How can such costs be justified? If SOX is meant to be protecting shareholder interest it seems a bit strange to be taking huge chunks of the profits out of the company and into the pockets of auditors.


Log in to reply